PuTTY wish hostkey-policy

This is a mirror. The primary PuTTY web site can be found here.

Home | Licence | FAQ | Docs | Download | Keys | Links
Mirrors | Updates | Feedback | Changes | Wishlist | Team

summary: Enhanced flexibility in SSH host key lookup policy
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: medium: This should be fixed one day.

PuTTY's host key lookup policy is extremely simple at the moment. The name under which a host key is filed in the Registry is exactly the name you typed into the Hostname box. This avoids ever trusting the DNS for anything. The choice of which key to use is also very simple - we have a fixed preference order of RSA, DSS (for SSH-2).

Recent versions of OpenSSH appear to file keys under IP addresses as well, although I've never stopped to work out what the semantics of this is. (Is a key considered valid only if it appears from the same host name _and_ IP address, or if it appears from either, or what?) It might be good to sit down and work out what OpenSSH's policy actually is, and wonder whether we want to implement it in PuTTY.

For the benefit of really weird network setups, it would be nice to be able to explicitly specify what name to store a host key under. (For example, if you're connecting through an SSH port forwarding to the SSH port of another machine, and you've previously connected directly to the same machine, then really you want to be looking the host key up under the same name as it was already stored. You almost certainly don't want to permanently associate that host key with the temporary port number on your local machine which you've chosen for the forwarding.)

When there's a choice of host keys available for a host, perhaps PuTTY should adjust its stated preferences so that the ones it has cached come first. Need to think about that a bit. At the very least, when a new host key prompt is given, PuTTY should mention if it already has host keys for a host in other formats - particularly important when the default protocol changes to SSH-2, or a server that previously offered DSS keys starts supporting RSA too.

Audit trail for this wish.


If you want to comment on this web site, see the Feedback page.
(last revision of this bug record was at 2004-11-16 15:27:00 +0000)